doc: warn of SECURITY DEFINER schemas for non-sql_body functions

author Bruce Momjian <[email protected]>

Thu, 1 Sep 2022 01:10:37 +0000 (21:10 -0400)

committer Bruce Momjian <[email protected]>

Thu, 1 Sep 2022 01:10:37 +0000 (21:10 -0400)
author Bruce Momjian <[email protected]>
Thu, 1 Sep 2022 01:10:37 +0000 (21:10 -0400)
committer Bruce Momjian <[email protected]>
Thu, 1 Sep 2022 01:10:37 +0000 (21:10 -0400)
diff --git a/doc/src/sgml/ref/create_function.sgml b/doc/src/sgml/ref/create_function.sgml

index 81d086769785f1f9248d8090d42b2be9ed82b1b7..e60e93ea7b4a954afb8dd123baa6e4c4b9c8d79a 100644 (file)
--- a/doc/src/sgml/ref/create_function.sgml
+++ b/doc/src/sgml/ref/create_function.sgml
@@ -753,7 +753,10 @@ SELECT * FROM dup(42);
     <para>
      Because a <literal>SECURITY DEFINER</literal> function is executed
      with the privileges of the user that owns it, care is needed to
-    ensure that the function cannot be misused.  For security,
+    ensure that the function cannot be misused.  This is particularly
+    important for non-<replaceable>sql_body</replaceable> functions because
+    their function bodies are evaluated at run-time, not creation time.
+    For security,
      <xref linkend="guc-search-path"> should be set to exclude any schemas
      writable by untrusted users.  This prevents
      malicious users from creating objects (e.g., tables, functions, and
author	Bruce Momjian <[email protected]>
	Thu, 1 Sep 2022 01:10:37 +0000 (21:10 -0400)
committer	Bruce Momjian <[email protected]>
	Thu, 1 Sep 2022 01:10:37 +0000 (21:10 -0400)